Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B2820960EFE11F1B19E13C1DAE4EC9C.roa
File: 2B2820960EFE11F1B19E13C1DAE4EC9C.roa (raw, json)
Hash identifier: RDCn7yo+wZviNEF3zLD9RSdJyaIRpDTt20nmvRcbcME=
Subject key identifier: 03:0E:D8:20:17:6A:3C:EF:05:D8:22:12:E7:0C:4C:C4:A5:66:4E:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01BAD1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B2820960EFE11F1B19E13C1DAE4EC9C.roa
Signing time: Sat 21 Feb 2026 08:20:23 +0000
ROA not before: Sat 21 Feb 2026 08:20:19 +0000
ROA not after: Fri 27 Mar 2026 08:20:19 +0000
asID: 3257
IP address blocks: 154.206.240.0/21 maxlen: 24
154.206.248.0/21 maxlen: 24
154.208.64.0/21 maxlen: 24
154.208.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 03 Mar 2026 00:07:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113361 (0x1bad1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 21 08:20:19 2026 GMT
Not After : Mar 27 08:20:19 2026 GMT
Subject: CN=69996ac7-bc61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4c:74:5c:64:69:df:28:ba:7c:12:d9:d3:4d:
c3:f9:fb:45:b8:0c:be:70:fa:d4:4a:88:79:e6:ce:
ea:6a:7b:41:33:3e:f8:18:77:3e:0a:c6:14:7f:f7:
a6:fb:24:8a:4a:e2:2d:83:c1:92:64:9e:a9:c7:cc:
e6:1e:9d:58:0b:49:a6:d0:9d:52:33:1f:35:a9:36:
6b:d3:7b:66:83:06:ec:d3:af:b8:46:e9:3f:a3:3c:
a4:23:87:90:70:97:75:7d:9e:fe:4a:6a:a6:01:a1:
0f:05:42:29:a2:90:c8:21:6f:99:1a:21:a9:22:72:
60:0d:01:23:ca:02:98:34:0a:b8:4b:b2:09:52:cc:
ad:a4:b4:eb:da:d6:41:01:11:d1:42:31:de:11:f5:
76:b7:5e:ea:8c:8a:f5:46:76:bd:01:2b:07:c5:d5:
98:68:3a:18:e9:2d:9e:9e:8c:65:f9:50:1d:38:92:
af:6b:e8:8c:21:bd:e2:e1:cd:b2:07:11:ff:6a:3a:
1e:96:4f:ce:b9:1d:82:03:3a:ed:77:4b:88:c1:59:
e6:bc:31:e7:82:93:bb:94:e1:e2:4b:03:58:95:7b:
79:89:62:09:b7:88:f3:5d:4a:36:20:fb:3e:4d:2b:
ee:a2:ad:33:3b:51:66:66:ac:5c:54:0c:6a:f1:dc:
ba:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:0E:D8:20:17:6A:3C:EF:05:D8:22:12:E7:0C:4C:C4:A5:66:4E:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B2820960EFE11F1B19E13C1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.240.0/20
154.208.64.0/21
154.208.112.0/21
Signature Algorithm: sha256WithRSAEncryption
12:93:0e:f4:d2:e6:5f:3a:5c:f7:8f:9a:db:6d:70:02:86:bb:
b7:3e:08:ae:c3:0f:03:d7:0a:d7:e9:72:df:b7:6d:00:e4:6a:
6d:b3:f3:26:96:f5:bd:38:f6:ba:75:ae:fc:92:b6:5e:e5:aa:
7c:05:6a:e8:ec:cd:ac:7b:80:af:0c:34:f9:e5:33:16:d4:be:
0e:57:47:47:ef:8b:cd:ae:53:14:f6:98:4a:91:cd:3f:17:37:
ac:21:90:2f:7d:4d:11:31:b3:80:54:15:9f:1b:c0:13:ab:52:
dd:6b:5c:1f:a1:13:50:64:79:0a:df:00:61:b9:78:ab:75:1e:
8e:48:31:a8:39:7d:ea:f4:52:cb:75:04:20:b5:d9:33:ea:5f:
ab:89:31:22:80:2a:4b:54:5e:8b:57:e5:ea:11:ac:fe:f2:f4:
e4:b0:86:40:cb:33:bd:c3:cb:c1:49:28:49:66:e3:15:c1:d2:
cf:f2:2c:dc:bd:f4:93:a4:35:bd:a7:6b:2f:3d:61:d2:77:c8:
c1:72:02:61:fc:ad:74:5d:26:b7:7c:d3:37:2b:d2:e6:94:27:
1d:df:68:2b:01:c5:1b:c7:80:7c:45:71:f7:7a:ad:06:7c:f1:
ae:ab:52:1a:0f:55:ef:95:99:73:ed:f0:f0:be:36:73:ea:91:
db:0e:44:87
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAbrRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMjIxMDgyMDE5WhcNMjYwMzI3MDgyMDE5WjAYMRYw
FAYDVQQDEw02OTk5NmFjNy1iYzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxkx0XGRp3yi6fBLZ003D+ftFuAy+cPrUSoh55s7qantBMz74GHc+CsYU
f/em+ySKSuItg8GSZJ6px8zmHp1YC0mm0J1SMx81qTZr03tmgwbs06+4Ruk/ozyk
I4eQcJd1fZ7+SmqmAaEPBUIpopDIIW+ZGiGpInJgDQEjygKYNAq4S7IJUsytpLTr
2tZBARHRQjHeEfV2t17qjIr1Rna9ASsHxdWYaDoY6S2enoxl+VAdOJKva+iMIb3i
4c2yBxH/ajoelk/OuR2CAzrtd0uIwVnmvDHngpO7lOHiSwNYlXt5iWIJt4jzXUo2
IPs+TSvuoq0zO1FmZqxcVAxq8dy6hQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFAMO
2CAXajzvBdgiEucMTMSlZk4rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQjI4MjA5NjBFRkUxMUYxQjE5RTEzQzFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEms7wAwQDmtBAAwQDmtBw
MA0GCSqGSIb3DQEBCwUAA4IBAQASkw700uZfOlz3j5rbbXAChru3Pgiuww8D1wrX
6XLft20A5Gpts/MmlvW9OPa6da78krZe5ap8BWro7M2se4CvDDT55TMW1L4OV0dH
74vNrlMU9phKkc0/FzesIZAvfU0RMbOAVBWfG8ATq1Lda1wfoRNQZHkK3wBhuXir
dR6OSDGoOX3q9FLLdQQgtdkz6l+riTEigCpLVF6LV+XqEaz+8vTksIZAyzO9w8vB
SShJZuMVwdLP8izcvfSTpDW9p2svPWHSd8jBcgJh/K10XSa3fNM3K9LmlCcd32gr
AcUbx4B8RXH3eq0GfPGuq1IaD1XvlZlz7fDwvjZz6pHbDkSH
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:19:38 2026 by rpki-client